OpenSSL 0.9.5a:
I was surprised to find

    openssl gendsa -out /etc/ssh_dsa_key dsa1024.pem -rand /tmp/urandom

hanging. On stracing it appeared to be endlessly reading from
/dev/urandom.

This violates the "principle of least surprise". The -rand parameter
should either stop reading after a sufficient number of bytes or be
properly documented in gendsa.1.

Another bug in gendsa.1:

    -rand file(s)
        a file or files containing random data used to seed
        the random number generator, or an EGD socket (see
        RAND_egd(3)). Multiple files can be specified
        separated by a OS-dependent character. The separator
        is ; for MS-Windows, , for OpenVSM, and : for all
                                       ^^^

-d
--
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.mindrot.org/
| Email: [EMAIL PROTECTED] (home) -or- [EMAIL PROTECTED] (work)
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
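
Added example, not part of the original message and not OpenSSL's own code: a C sketch of the first option the report asks for, a seed loader that stops after a fixed number of bytes when the source is not a regular file. The names `load_seed_bounded` and `pool_mix` and the 2048-byte cap are assumptions made for this illustration.

```c
#include <stdio.h>
#include <sys/stat.h>

/* Assumed cap for sources that never report EOF; not an OpenSSL constant. */
#define DEVICE_SEED_CAP 2048L

/* Hypothetical stand-in for the PRNG pool: only counts what it was fed. */
static unsigned long pool_bytes;
static void pool_mix(const unsigned char *buf, size_t n) { (void)buf; pool_bytes += n; }

/* Read seed material from path. max_bytes < 0 means "whole file" for a
 * regular file, and DEVICE_SEED_CAP for anything else (e.g. /dev/urandom).
 * Returns the number of bytes mixed in, or -1 on error. */
long load_seed_bounded(const char *path, long max_bytes)
{
    unsigned char buf[1024];
    struct stat sb;
    long total = 0;
    FILE *in;

    if (path == NULL || (in = fopen(path, "rb")) == NULL)
        return -1;
    if (fstat(fileno(in), &sb) != 0) {    /* inspect the file actually opened */
        fclose(in);
        return -1;
    }
    if (!S_ISREG(sb.st_mode)) {
        if (max_bytes < 0)
            max_bytes = DEVICE_SEED_CAP;  /* a device has no EOF to wait for */
        setvbuf(in, NULL, _IONBF, 0);     /* keep stdio from reading ahead */
    }
    while (max_bytes < 0 || total < max_bytes) {
        size_t want = sizeof(buf), got;
        if (max_bytes >= 0 && max_bytes - total < (long)want)
            want = (size_t)(max_bytes - total);
        if ((got = fread(buf, 1, want, in)) == 0)
            break;                        /* EOF or read error */
        pool_mix(buf, got);
        total += (long)got;
    }
    fclose(in);
    return total;
}

int main(void)
{
    printf("read %ld bytes from /dev/urandom\n", load_seed_bounded("/dev/urandom", -1));
    return 0;
}
```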